/tags/google-workspaces/Recent content in Google Workspaces on SecurosisHugoen-usSun, 25 Jun 2023 18:25:26 -0400/research/howto/aws-identity-center-google-v2/Sun, 25 Jun 2023 18:25:26 -0400/research/howto/aws-identity-center-google-v2/<blockquote> <p>This is a revised version of the original post <a href="blog/aws-identity-center-google/">Leveraging AWS SSO (aka Identity Center) with Google Workspaces</a> based on the new announcement <a href="https://aws.amazon.com/about-aws/whats-new/2023/06/aws-iam-identity-center-automated-user-provisioning-google-workspace/">AWS IAM Identity Center now supports automated user provisioning from Google Workspace</a> The original post is still valid, and in someways may be better, but this version has it&rsquo;s own advantages.</p> </blockquote> <p>Setting up <a href="https://aws.amazon.com/iam/identity-center/">AWS IAM Identity Center (successor to AWS Single Sign-On)</a>, hereafter called AWS SSO (because I have to pay AWS for egress on this site), is an excellent service to help you get rid of IAM users and enforce identity best practices around second-factor authentication, on and off-boarding employees, and assigning the right level of access depending on job function.</p> <p>Companies using Google Workspaces for email and collaboration can also leverage their Google accounts to access AWS via AWS SSO. The process isn&rsquo;t clearly documented, and the provisioning support isn&rsquo;t integrated, so here is a post to help you set it all up.</p>